|Publication number||US9679135 B2|
|Application number||US 14/707,169|
|Publication date||13 Jun 2017|
|Filing date||8 May 2015|
|Priority date||19 Jun 2008|
|Also published as||US20160328558|
|Publication number||14707169, 707169, US 9679135 B2, US 9679135B2, US-B2-9679135, US9679135 B2, US9679135B2|
|Inventors||Chadwick R. Renfro|
|Original Assignee||Bank Of America Corporation|
|Export Citation||BiBTeX, EndNote, RefMan|
|Patent Citations (30), Non-Patent Citations (6), Classifications (21), Legal Events (1)|
|External Links: USPTO, USPTO Assignment, Espacenet|
The present application is a continuation of co-pending U.S. patent application Ser. No. 12/142,177 entitled, “Secure Transaction Personal Computer” filed on Jun. 19, 2008, the entire contents of which is herein incorporated by reference and is assigned to the same assignee as the present application, and from which priority is claimed under 35 U.S.C. §120.
The present invention is related to personal computers, and more specifically to a secure transaction personal computer.
Currently, computer makers have begun to target specific user-bases by creating computer systems designed from the ground-up for specific purposes such as gaming. A computer designed with gaming in mind may be designed with special cooling systems, fast hard drives, plenty of memory, and extremely high-end video cards. The operating systems may also be specially designed for media intensive applications to run smoothly. As another example, blade terminal computers are designed to have limited to no local storage, but heavy network and memory capability to run remote applications seamlessly.
However, currently there is a problem where consumers feel uncomfortable interacting with online banking, online e-commerce systems, or other secure transaction systems where personalized financial information may be transferred. The current solution is to require a user to buy off-the-shelf (OTS) software from vendors to help provide some security for these type transactions. However, these applications are susceptible to being circumvented by malicious software, leaving a user's system at high chance of exposure to misappropriation of identity and becoming victims of misappropriation of funds.
According to one aspect of the present invention, a secure computer for secure transactions includes an operating system, the operating system having built-in security features, a processor, the processor being manufactured with security features and configured to execute software in a virtualized state outside of the operating system, an identity security module, and a loss protection device.
The present invention is further described in the detailed description which follows in reference to the noted plurality of drawings by way of non-limiting examples of embodiments of the present invention in which like reference numerals represent similar parts throughout the several views of the drawings and wherein:
As will be appreciated by one of skill in the art, the present invention may be embodied as a method, system, computer program product, or a combination of the foregoing. Accordingly, the present invention may take the form of an entirely hardware embodiment, an entirely software embodiment (including firmware, resident software, micro-code, etc.) or an embodiment combining software and hardware aspects that may generally be referred to herein as a “system.” Furthermore, the present invention may take the form of a computer program product on a computer-usable storage medium having computer-usable program code embodied in the medium.
Any suitable computer usable or computer readable medium may be utilized. The computer usable or computer readable medium may be, for example but not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, device, or propagation medium. More specific examples (a non-exhaustive list) of the computer readable medium would include the following: an electrical connection having one or more wires; a tangible medium such as a portable computer diskette, a hard disk, a random access memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or Flash memory), a compact disc read-only memory (CD-ROM), or other tangible optical or magnetic storage device; or transmission media such as those supporting the Internet or an intranet. Note that the computer usable or computer readable medium could even be paper or another suitable medium upon which the program is printed, as the program can be electronically captured, via, for instance, optical scanning of the paper or other medium, then compiled, interpreted, or otherwise processed in a suitable manner, if necessary, and then stored in a computer memory.
In the context of this document, a computer usable or computer readable medium may be any medium that can contain, store, communicate, propagate, or transport the program for use by or in connection with the instruction execution system, platform, apparatus, or device. The computer usable program code may be transmitted using any appropriate medium, including but not limited to the Internet, wireline, optical fiber cable, radio frequency (RF) or other means.
Computer program code for carrying out operations of the present invention may be written in an object oriented, scripted or unscripted programming language such as Java, Perl, Smalltalk, C++ or the like. However, the computer program code for carrying out operations of the present invention may also be written in conventional procedural programming languages, such as the “C” programming language or similar programming languages.
The present invention is described below with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems) and computer program products according to embodiments of the invention. It will be understood that each block of the flowchart illustrations and/or block diagrams, and combinations of blocks in the flowchart illustrations and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions/acts specified in the flowchart and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer readable memory produce an article of manufacture including instruction means which implement the function/act specified in the flowchart and/or block diagram block or blocks.
The computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operations to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions/acts specified in the flowchart and/or block diagram block or blocks. Alternatively, computer program implemented steps or acts may be combined with operator or human implemented steps or acts in order to carry out an embodiment of the invention.
According to embodiments of the present invention, a secure computer is built with secure hardware, secure operating system, identity security, loss protection security, and may be branded to denote that the computer has been designed with an abundance of security features and/or with a name or logo of a company. Embodiments according to the present invention build upon a secure hardware architecture that provides mechanisms for virtualization and separation of operating system (OS) level functions and applications from other applications and/or potential reporting systems. The secure hardware architecture enables secure status reporting as well as potential secure communication with other hardware functions such as a network interface card (NIC). A software system that runs on the secure hardware architecture may be virtualized to actually perform secure communication with online banking systems and secure transaction systems.
Further, embodiments according to the present invention may have a predetermined and hardened operating system installed on the secure computer (e.g., a hardened version of a Windows-based operating system). In embodiments according to the present invention, all security measures may be turned on to close any potential security holes (e.g., auto-update is set on, install antivirus with auto-update on, firewall is on, restrictions browser are set, etc.). This ensures that the secure computer security is tight, defeating many of the common problems with most systems today.
In addition to the hardware and operating system being tightened, additional security may be provided to protect the user's identity. For example, biometrics may be built-into the computer which allows users to use “what they are” to gain access to the use of the computer, replacing the typical password and keystroke based mechanisms that usually fall prey to eavesdropping by malware. Other examples of identity security used may include one-time password (OTP) technology, and gyro-passwords. The use of identity security, such as biometrics, adds a level of security that makes it difficult for malware or other software to sniff passwords, and provides many more secure opportunities to conduct transactions.
Moreover, according to embodiments of the present invention, a computer for secure transactions may be marked with a special logo to brand the system as a type of secure computer. This provides notice to a user that this computer is built with enhanced security for secure e-commerce, online banking and other secure type transactions. Embodiments according to the present invention may also include loss protection security, for example, Life Lock technology, Lo-Jack technology, etc., as well as special hardware measures such as hard drive locking. Hard drive locking technology insures that if the hard drive is stolen, it cannot run in a new system. This protects the data contained in the hard drive from others. Therefore, a secure computer according to embodiments of the present invention mediates many of the exposure factors such as key logging and typical malware by providing restricted access (e.g., using biometrics), a secure hardware architecture, and a hardened and secure operating system.
As noted previously, embodiments according to the present invention may include a processor with a secure hardware architecture that has the ability to run software code in a virtualized state outside of the running operating system. For example, an instance of a web browser may be “flipped” into a virtualized state and operate outside of the OS, thus preventing eavesdropping by malware. In addition, according to embodiments of the present invention, the computer system may be security hardened by duplicating essential system files, thus preventing overwriting by malicious software. Also, global policies may be put in place that may restrict what users may do, and may provide requirements to users for passwords or other mechanisms before allowing system modifications. The computer system may also include monitoring software that monitors the execution of programs and looks for suspicious behavior. The monitoring software may alert the processor if suspicious behavior has been detected. The computer system, according to the present invention, may also include software that tracks security events (similar to an auditing system) that may covertly send notifications regarding detected security events back to a central location that stores and tracks security events (e.g. a corporate database). The monitoring software and the tracking software may run in a virtualized environment outside of the OS, and “watch” in parallel as the OS runs. This provides a segment so that the OS can't see the software in the virtualized state and therefore, malicious software can't modify it.
The OS may be configured such that if either the original essential system files or the duplicates of the essential system files are modified, they are reverted back to either their original state or a known good state. Since both the original and duplicate essential system files can't be modified at the same time, they may be used to correct each other if one of them is modified. Further, according to embodiments of the present invention, global policies may be set or modified by a user with administrator rights (or domain rights at a corporate level). The processor may issue security related alerts to a user identifying any ramifications of making certain modifications to the system. In addition, according to embodiments of the present invention, the policies may be set, modified, or completely disabled as desired by an appropriate user with the appropriate rights (e.g., administrator rights). Moreover, according to embodiments of the present invention, virtualized software may be used to create secure on-time session keys or private keys for a public key infrastructure (PKI) and be used as a secure “store”, thus preventing malicious software from being able to use/sniff the keys. This provides for a more secure communication.
Further, after the computer system's startup in block 401, in block 410 a virtual tracking application may also be started and run outside of the operating system. Then in block 411, computer security related events may be tracked by the tracking application. In block 412, it may be determined if a security related event has been detected and if not, then the process may return to block 411 where computer security related events may be continued to be tracked. If a security related event has been detected, then in block 413 the detected event may be reported to a central event tracking repository or other entity.
In block 402, after the virtual monitoring application has been started, in block 414, one or more applications or programs may be started, executed or run. In block 415, the virtual monitoring application (or a different virtual monitoring application) may continue monitoring of the executing applications and programs. In block 416, it may be determined if any suspicious activity has been detected based on monitoring the execution of any of the applications and programs and if not, the monitoring may continue. If suspicious activity has been detected, then in block 409, an alert of possible suspicious activity may be generated. The alert may be generated on a display of the computer system or generated and sent exterior to the computer system.
The flowcharts and block diagrams in the Figures illustrate the architecture, functionality, and operation of possible implementations of systems, methods and computer program products according to various embodiments of the present invention. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that, in some alternative implementations, the functions noted in the blocks may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams and/or flowchart illustration, and combinations of blocks in the block diagrams and/or flowchart illustration, can be implemented by special purpose hardware-based systems which perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.
The terminology used herein is for the purpose of describing particular embodiments only and is not intended to be limiting of the invention. As used herein, the singular forms “a”, “an” and “the” are intended to include the plural forms as well, unless the context clearly indicates otherwise. It will be further understood that the terms “comprises” and/or “comprising,” when used in this specification, specify the presence of stated features, integers, steps, operations, elements, and/or components, but do not preclude the presence or addition of one or more other features, integers, steps, operations, elements, components, and/or groups thereof.
Although specific embodiments have been illustrated and described herein, those of ordinary skill in the art appreciate that any arrangement which is calculated to achieve the same purpose may be substituted for the specific embodiments shown and that the invention has other applications in other environments. This application is intended to cover any adaptations or variations of the present invention. The following claims are in no way intended to limit the scope of the invention to the specific embodiments described herein.
|Cited Patent||Filing date||Publication date||Applicant||Title|
|US6618735||30 Jun 2000||9 Sep 2003||Microsoft Corporation||System and method for protecting shared system files|
|US6971018||28 Apr 2000||29 Nov 2005||Microsoft Corporation||File protection service for a computer system|
|US7093086 *||28 Mar 2002||15 Aug 2006||Veritas Operating Corporation||Disaster recovery and backup using virtual machines|
|US7111172||19 Jul 1999||19 Sep 2006||Rsa Security Inc.||System and methods for maintaining and distributing personal security devices|
|US7689607||15 Apr 2005||30 Mar 2010||Microsoft Corporation||Database page mirroring|
|US20020112171||19 Jan 2001||15 Aug 2002||Intertrust Technologies Corp.||Systems and methods for secure transaction management and electronic rights protection|
|US20030014636||1 Feb 2001||16 Jan 2003||Ahlbrand Stephen D||Physical identification and computer security apparatus and method|
|US20040111640||8 Jul 2003||10 Jun 2004||Baum Robert T.||IP based security applications using location, port and/or device identifier information|
|US20040139315||6 Oct 2003||15 Jul 2004||Fujitsu Limited||Private data protection distribution method and program|
|US20050065874||17 Sep 2004||24 Mar 2005||Transunion Llc||Credit approval monitoring system and method|
|US20050138370||23 Dec 2003||23 Jun 2005||Goud Gundrala D.||Method and system to support a trusted set of operational environments using emulated trusted hardware|
|US20050182956||7 Apr 2005||18 Aug 2005||Intertrust Technologies Corporation||Trusted and secure techniques, systems and methods for item delivery and execution|
|US20050226468||30 Mar 2004||13 Oct 2005||Intel Corporation||Method and apparatus for enabling context awareness in a wireless system|
|US20060031927||31 Jul 2001||9 Feb 2006||Masahiro Mizuno||Information management system, information management method, and system control apparatus|
|US20060101282 *||8 Nov 2004||11 May 2006||Microsoft Corporation||System and method of aggregating the knowledge base of antivirus software applications|
|US20060137010 *||21 Dec 2004||22 Jun 2006||Microsoft Corporation||Method and system for a self-healing device|
|US20060230260||12 Apr 2005||12 Oct 2006||Szolyga Thomas H||Method for configurating a computing system|
|US20060268902||17 Apr 2006||30 Nov 2006||Cingular Wireless Ii, Llc||Dynamic dual-mode service access control, location-based billing, and e911 mechanisms|
|US20070030149||5 Aug 2005||8 Feb 2007||Itronix Corporation||Theft deterrence system for a portable computer and method|
|US20070136579||9 Dec 2005||14 Jun 2007||University Of Washington||Web browser operating system|
|US20070271610||16 May 2006||22 Nov 2007||Steven Grobman||Method and apparatus to detect kernel mode rootkit events through virtualization traps|
|US20080126446||27 Nov 2007||29 May 2008||Storage Appliance Corporation||Systems and methods for backing up user settings|
|US20080270787||3 Jun 2008||30 Oct 2008||Bio-Key International, Inc.||Biometric identification network security|
|US20090158441||12 Dec 2007||18 Jun 2009||Avaya Technology Llc||Sensitive information management|
|US20090319435||30 Apr 2009||24 Dec 2009||Bank Of America Corporation||Secure transaction personal computer|
|KR20080050840A||Title not available|
|WO2000072508A1||25 May 2000||30 Nov 2000||Engineering Systems Solutions, Inc.||System and method for high assurance separation of internal and external networks|
|WO2002071686A1||1 Mar 2002||12 Sep 2002||Invicta Networks, Inc.||Systems and methods that provide external network access from a protected network|
|WO2005027402A1||2 Jan 2004||24 Mar 2005||Copeland Scott R||Personal computer internet security system|
|WO2009062111A1||7 Nov 2008||14 May 2009||Touchnet Information Systems, Inc.||System and method for providing identity theft security|
|1||Description of "Private Data Detector 1.0" taken from http://www.brothersoft.com/private-data-protector-50853.html last updated Oct. 27, 2006.|
|2||Description of "Secure Clean PC 2.11" taken from http://www.download32.com/secure-clean-pc-i26522.html released Oct. 3, 2005.|
|3||Description of "SureClean PC 2.0.1002" taken from http://www.download32.com/sureclean-i27038.html released Feb. 17, 2006.|
|4||GB Search Report mailed May 4, 2010 for GB Application No. GB0910443.1.|
|5||LoJack for Laptops' Apr. 5, 2006, Internet Archive Wayback Machine.|
|6||U.K. Patent Office Search Report issued on Sep. 25, 2009, in re British Patent Application No. 0910441.5, filed Aug. 16, 2011.|
|International Classification||H04L29/08, G06F21/56, G06F21/16, G06F21/64, G06F9/455, G06F21/62, G06F21/32, H04L29/06, G06F21/00|
|Cooperative Classification||G06F21/16, H04L63/06, H04L67/02, G06F21/568, G06F21/6245, H04L63/1475, G06F21/64, G06F2009/45587, G06F21/56, G06F9/45558, G06F21/554, G06F21/32|
|8 May 2015||AS||Assignment|
Owner name: BANK OF AMERICA CORPORATION, NORTH CAROLINA
Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:RENFRO, CHADWICK R.;REEL/FRAME:035594/0494
Effective date: 20080618